dpd3982 2016-10-15 17:40
浏览 28

编码函数输出中不可读的文本

I'm using a function to encode and decode some text , But seems it doesn't support my country language (Persian) and change them to some unreadable text, How can i fix it .

<?php                
class encrypt {
    /********* Encode *********/
    public static function encode($pure_string, $encryption_key) {
        $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $encrypted_string = mcrypt_encrypt(MCRYPT_BLOWFISH, md5(base64_encode(trim($encryption_key))), utf8_encode(trim($pure_string)), MCRYPT_MODE_ECB, $iv);
        return base64_encode($encrypted_string);
    }

    /********** Decode ************ */
    public static function decode($encrypted_string, $encryption_key) {
        $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $decrypted_string = mcrypt_decrypt(MCRYPT_BLOWFISH, md5(base64_encode(trim($encryption_key))),base64_decode(trim($encrypted_string)), MCRYPT_MODE_ECB, $iv);
        return $decrypted_string;
    }

}
?>
  • 写回答

1条回答 默认 最新

  • doubu5035 2016-10-15 18:37
    关注

    1. The same IV needs to be used for encryption and decryption, a general method is to prefix the encrypted data with the IV for use during decryption.

    2. There is no need to Base64 encode or trim the encryption key.

    3. Do not trim the encrypted data, encrypted data can contain null (0x00) bytes.

    4. Encryption operates on bytes, not characters, as such any text language makes no difference.

    5. Adding calls inline to other calls just makes debugging more difficult, separate the steps into separate statements with intermediate variables.

    6. Do not use Blowfish, use AES, even the creator of Blowfish uses AES.

    7. Do not use ECB mode, it is insecure, see ECB mode, scroll down to the Penguin.

    8. ECB mode does not use an IV.

    9. What you are doing is encryption, not encoding.

    10. Consider using defuse or RNCryptor, they provide a complete solution and are being maintained.

    评论

报告相同问题?

悬赏问题

  • ¥15 ads仿真结果在圆图上是怎么读数的
  • ¥20 Cotex M3的调试和程序执行方式是什么样的?
  • ¥20 java项目连接sqlserver时报ssl相关错误
  • ¥15 一道python难题3
  • ¥15 用matlab 设计一个不动点迭代法求解非线性方程组的代码
  • ¥15 牛顿斯科特系数表表示
  • ¥15 arduino 步进电机
  • ¥20 程序进入HardFault_Handler
  • ¥15 oracle集群安装出bug
  • ¥15 关于#python#的问题:自动化测试